Search
14,631 CVEs · Low severity
CVEs (14,631, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 201–225 of 14,631 (capped at 500)
| CVE ID | Severity | Patch | CVSS | Published ↑ | Description |
|---|---|---|---|---|---|
| CVE-2000-0336 | LOW | 2.1 | 2000-04-21 | Linux OpenLDAP server allows local users to modify arbitrary files via a symlink attack. | |
| CVE-2000-0458 | LOW | 2.1 | 2000-04-22 | The MSWordView application in IMP creates world-readable files in the /tmp directory, which allows other local users to read potentially sensitive information. | |
| CVE-2000-0334 | LOW | 2.1 | 2000-04-24 | The Allaire Spectra container editor preview tool does not properly enforce object security, which allows an attacker to conduct unauthorized activities via an object-metho… | |
| CVE-2000-0293 | LOW | 2.1 | 2000-05-02 | aaa_base in SuSE Linux 6.3, and cron.daily in earlier versions, allow local users to delete arbitrary files by creating files whose names include spaces, which are then inc… | |
| CVE-2000-0345 | LOW | 2.1 | 2000-05-03 | The on-line help system options in Cisco routers allows non-privileged users without "enabled" access to obtain sensitive information via the show command. | |
| CVE-2000-0382 | LOW | 2.6 | 2000-05-08 | ColdFusion ClusterCATS appends stale query string arguments to a URL during HTML redirection, which may provide sensitive information to the redirected site. | |
| CVE-2000-0387 | LOW | 2.1 | 2000-05-09 | The makelev program in the golddig game from the FreeBSD ports collection allows local users to overwrite arbitrary files. | |
| CVE-2000-0406 | LOW | 2.6 | 2000-05-10 | Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to steal information by redirecting tr… | |
| CVE-2000-0409 | LOW | 3.7 | 2000-05-10 | Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate. | |
| CVE-2000-0439 | LOW | 2.6 | 2000-05-11 | Internet Explorer 4.0 and 5.0 allows a malicious web site to obtain client cookies from another domain by including that domain name and escaped characters in a URL, aka th… | |
| CVE-2000-0379 | LOW | 3.6 | 2000-05-16 | The Netopia R9100 router does not prevent authenticated users from modifying SNMP tables, even if the administrator has configured it to do so. | |
| CVE-2000-0445 | LOW | 2.1 | 2000-05-24 | The pgpk command in PGP 5.x on Unix systems uses an insufficiently random data source for non-interactive key pair generation, which may produce predictable keys. | |
| CVE-2000-0553 | LOW | 2.6 | 2000-05-26 | Race condition in IPFilter firewall 3.4.3 and earlier, when configured with overlapping "return-rst" and "keep state" rules, allows remote attackers to bypass access restrictions. | |
| CVE-2000-0456 | LOW | 2.1 | 2000-05-28 | NetBSD 1.4.2 and earlier allows local users to cause a denial of service by repeatedly running certain system calls in the kernel which do not yield the CPU, aka "cpu-hog". | |
| CVE-2000-0462 | LOW | 2.1 | 2000-05-28 | ftpd in NetBSD 1.4.2 does not properly parse entries in /etc/ftpchroot and does not chroot the specified users, which allows those users to access other files outside of th… | |
| CVE-2000-0455 | LOW | 2.1 | 2000-05-29 | Buffer overflow in xlockmore xlock program version 4.16 and earlier allows local users to read sensitive data from memory via a long -mode option. | |
| CVE-2000-0461 | LOW | 2.1 | 2000-05-29 | The undocumented semconfig system call in BSD freezes the state of semaphores, which allows local users to cause a denial of service of the semaphore system by using the se… | |
| CVE-2000-0402 | LOW | 2.1 | 2000-05-30 | The Mixed Mode authentication capability in Microsoft SQL Server 7.0 stores the System Administrator (sa) account in plaintext in a log file which is readable by any user, … | |
| CVE-2000-0485 | LOW | 2.1 | 2000-05-30 | Microsoft SQL Server allows local users to obtain database passwords via the Data Transformation Service (DTS) package Properties dialog, aka the "DTS Password" vulnerability. | |
| CVE-2000-0487 | LOW | 3.6 | 2000-06-01 | The Protected Store in Windows 2000 does not properly select the strongest encryption when available, which causes it to use a default of 40-bit encryption instead of 56-bi… | |
| CVE-2000-0518 | LOW | Patched | 2.6 | 2000-06-05 | Internet Explorer 4.x and 5.x does not properly verify all contents of an SSL certificate if a connection is made to the server via an image or a frame, aka one of two diff… |
| CVE-2000-0519 | LOW | Patched | 2.6 | 2000-06-05 | Internet Explorer 4.x and 5.x does not properly re-validate an SSL certificate if the user establishes a new SSL session with the same server during the same Internet Explo… |
| CVE-2000-0503 | LOW | 2.6 | 2000-06-06 | The IFRAME of the WebBrowser control in Internet Explorer 5.01 allows a remote attacker to violate the cross frame security policy via the NavigateComplete2 event. | |
| CVE-2000-0559 | LOW | Patched | 2.1 | 2000-06-07 | eTrust Intrusion Detection System (formerly SessionWall-3) uses weak encryption (XOR) to store administrative passwords in the registry, which allows local users to easily … |
| CVE-2000-0502 | LOW | 2.1 | 2000-06-08 | Mcafee VirusScan 4.03 does not properly restrict access to the alert text file before it is sent to the Central Alert Server, which allows local users to modify alerts in a… |